US-8117654

Implementation of malware countermeasures in a network device

Published: February 14, 2012
Assignee: not available in USPTO data we have
Inventors: not available in USPTO data we have

Technical Abstract

Embodiments include a system, an apparatus, a device, and a method. An embodiment provides a network device. The network device includes an information store operable to save a countermeasure useable in at least substantially reducing a harm caused by a malware (hereafter the “malware countermeasure”). The network device also includes a transmission circuit for sending a packet to at least one sub-network of a plurality of sub-networks. The network device also includes a protection circuit for implementing the malware countermeasure in the network device.

Patent Claims
42 claims

Legal claims defining the scope of protection, as filed with the USPTO.

1. A network device comprising: an information store operable to save a countermeasure useable in at least substantially reducing a harm caused by a malware (hereafter the “malware countermeasure”); a network analyzer coupled to the information store, the network analyzer module operable to generate a topological map to identify each respective node of a plurality of network nodes including at least one sub-network of a plurality of sub-networks; a transmission circuit for sending a packet to at least the one sub-network of the plurality of sub-networks; a protection circuit for implementing the malware countermeasure in the network device, the implementing the malware countermeasure including at least substantially reducing a communication privilege allowed a node of one sub-network of the plurality of sub-networks, wherein the node is operable to communicate after the protection circuit implements the malware countermeasure in the network device, the implementing the malware countermeasure further including at least substantially reducing a functionality of the network device, the reduced functionality including a restriction against performing a destructive writing operation, a blocking an application from running, and a forcing a user and/or an application to execute in a tighter security environment; and a decision circuit for determining if a criterion is met for implementation of the malware countermeasure.

2. The network device of claim 1, wherein the information store operable to save a countermeasure useable in at least substantially reducing a harm caused by a malware further includes: an information store implemented in at least one of a computer storage media, a digital information storage device, a group of digital information storage devices, and/or a quantum memory device operable to save a countermeasure useable in at least substantially reducing a harm caused by a malware.

3. The network device of claim 1, wherein the transmission circuit for sending a packet to at least one sub-network of a plurality of sub-networks further includes: a transmission circuit for receiving a packet from a node of another network and communicating the received packet to at a node of the least one sub-network of a plurality of sub-networks.

4. The network device of claim 1, wherein the protection circuit for implementing the malware countermeasure in the network device further includes: a protection circuit for applying the malware countermeasure in the network device.

5. The network device of claim 1, wherein the protection circuit for implementing the malware countermeasure in the network device further includes: a protection circuit for implementing the malware countermeasure in the network device, the implementing the malware countermeasure further including closing at least one port of the network device.

6. The network device of claim 1, wherein the protection circuit for implementing the malware countermeasure in the network device further includes: a protection circuit for implementing the malware countermeasure in the network device, the implementing the malware countermeasure further including at least substantially isolating the network device from a network.

7. The network device of claim 1, wherein the protection circuit for implementing the malware countermeasure in the network device further includes: a protection circuit for implementing the malware countermeasure in the network device, the implementing the malware countermeasure further including at least substantially isolating at least one sub-network of the plurality sub-networks from the network device.

8. The network device of claim 1, wherein the protection circuit for implementing the malware countermeasure in the network device further includes: a protection circuit for implementing the malware countermeasure in the network device, the implementing the malware countermeasure further including at least substantially isolating at least one node of a sub-network of the plurality sub-networks from the network device.

9. The network device of claim 1, wherein the protection circuit for implementing the malware countermeasure in the network device further includes: a protection circuit for implementing the malware countermeasure in the network device, the implementing the malware countermeasure further including at least substantially isolating a first sub-network of the plurality sub-networks from a second sub-network of the plurality sub-networks.

10. The network device of claim 1, wherein the protection circuit for implementing the malware countermeasure in the network device further includes: a protection circuit for implementing the malware countermeasure in the network device, the implementing the malware countermeasure further including at least substantially isolating at least two sub-networks of the plurality sub-networks from another network.

11. The network device of claim 1, wherein the protection circuit for implementing the malware countermeasure in the network device further includes: a protection circuit for implementing the malware countermeasure in the network device, the implementing the malware countermeasure further including at least substantially isolating the network device from at least one network address of a subnetwork of the plurality sub-networks.

12. The network device of claim 1, wherein the protection circuit for implementing the malware countermeasure in the network device further includes: a protection circuit for implementing the malware countermeasure in the network device, the implementing the malware countermeasure further including sending a notice receivable by a device associatable with a person, wherein sending the notice comprises sending an email to an email account associated with the person, and/or sending a text message to a portable wireless device carried by the person, and/or sending a recorded voice message to a telephone number designated by the person.

13. The network device of claim 1, wherein the protection circuit for implementing the malware countermeasure in the network device further includes: a protection circuit for implementing the malware countermeasure in the network device if the criterion is met for implementation of the malware countermeasure.

14. The network device of claim 1, further comprising: a processor.

15. The network device of claim 1, wherein the decision circuit for determining if a criterion is met for implementation of the malware countermeasure further includes: a decision circuit for determining if an authorization to implement the countermeasure has been received.

16. The network device of claim 1, wherein the decision circuit for determining if a criterion is met for implementation of the malware countermeasure further includes: a decision circuit for determining if a presence of the malware is indicated.

17. The network device of claim 1, wherein the decision circuit for determining if a criterion is met for implementation of the malware countermeasure further includes: a decision circuit for determining if an indicium of the malware is present in at least one of the network device, and/or in a node of the at least on sub-network of a plurality of sub-networks.

18. The network device of claim 1, further comprising: a countermeasure engine operable to generate the malware countermeasure.

19. A method implemented in a computing device operable to facilitate communication of a packet to at least one sub-network of a plurality of sub-networks, the method comprising: saving a countermeasure useable in at least substantially reducing a harm caused by a malware (hereafter the “malware countermeasure”); generating a topological map to identify each respective node of a plurality of network nodes including the at least one sub-network of the plurality of sub-networks; determining if a criterion is met for implementation of the malware countermeasure; and implementing the malware countermeasure in the computing device if the criterion is met for implementation of the malware countermeasure, the implementing the malware countermeasure including at least substantially reducing a communication privilege allowed a node of one sub-network of the plurality of sub-networks, wherein the node is operable to communicate after said implementing the malware countermeasure in the computing device, the implementing the malware countermeasure further including at least substantially reducing a functionality of the computing device, the reduced functionality including a restriction against performing a destructive writing operation, a blocking an application from running, and a forcing a user and/or an application to execute in a tighter security environment.

20. The method of claim 19, wherein the determining if a criterion is met for implementation of the malware countermeasure further includes: determining if a criterion that includes receipt of an authorization to implement the countermeasure is met.

21. The method of claim 19, wherein the determining if a criterion is met for implementation of the malware countermeasure further includes: determining if a criterion that includes an indicium of the malware being present in at least one of the network device, and/or in a node of the at least one sub-network of a plurality of sub-networks is met.

22. The method of claim 19, wherein the implementing the malware countermeasure in the computing device if the criterion is met for implementation of the malware countermeasure further includes: applying the malware countermeasure to the computing device if the criterion is met for implementation of the malware countermeasure.

23. The method of claim 19, wherein the implementing the malware countermeasure in the computing device further includes: implementing the malware countermeasure in the computing device, the implementing the malware countermeasure further including sending a notice receivable by a device associatable with a person, wherein sending the notice comprises sending an email to an email account associated with the person, and/or sending a text message to a portable wireless device carried by the person, and/or sending a recorded voice message to a telephone number designated by the person.

24. A network device comprising: means for facilitating communication of a packet to at least one sub-network of a plurality of sub-networks; means for generating a topological map to identify each respective node of a plurality of network nodes including the at least one sub-network of the plurality of sub-networks; means for saving a countermeasure useable in at least substantially reducing a harm caused by a malware (hereafter the “malware countermeasure”); means for determining if a criterion is met for implementation of the malware countermeasure; and means for implementing the malware countermeasure in the network device if the criterion for implementation of the malware countermeasure is met, the implementing the malware countermeasure including at least substantially reducing a communication privilege allowed a node of one sub-network of the plurality of sub-networks, wherein the node is operable to communicate after said implementing the malware countermeasure in the network device, the implementing the malware countermeasure further including at least substantially reducing a functionality of the network device, the reduced functionality including a restriction against performing a destructive writing operation, a blocking an application from running, and a forcing a user and/or an application to execute in a tighter security environment.

25. A computer-program product comprising: (a) program instructions operable to perform a process in a computing device, the process comprising: generating a topological map to identify each respective node of a plurality of network nodes including the at least one sub-network of the plurality of sub-networks; saving a countermeasure useable in at least substantially reducing a harm presented by a malware (hereafter the “malware countermeasure”) to a networked device and/or a node of a network; determining if a criterion for implementation of the malware countermeasure is met; and implementing the malware countermeasure in the computing device if the criterion is met for implementation of the malware countermeasure, the implementing the malware countermeasure including at least substantially reducing a communication privilege allowed a node of one sub-network of the plurality of sub-networks, wherein the node is operable to communicate after said implementing the malware countermeasure in the computing device, the implementing the malware countermeasure further including at least substantially reducing a functionality of the computing device, the reduced functionality including a restriction against performing a destructive writing operation, a blocking an application from running, and a forcing a user and/or an application to execute in a tighter security environment; and (b) a non-transitory computer storage medium bearing the program instructions.

26. The computer-program product of claim 25, wherein the implementing the malware countermeasure in the network device further includes: implementing the malware countermeasure in the computing device, the implementing the malware countermeasure further including sending a notice receivable by a device associatable with a person, wherein sending the notice comprises sending an email to an email account associated with the person, and/or sending a text message to a portable wireless device carried by the person, and/or sending a recorded voice message to a telephone number designated by the person.

27. A network device comprising: an information store configurable by a countermeasure useable in at least substantially reducing a harm caused by a malware (hereafter a “malware countermeasure”); a network analyzer coupled to the information store, the network analyzer module operable to generate a topological map to identify each respective node of a plurality of network nodes including at least one sub-network of a plurality of sub-networks; a decision circuit for determining if a criterion for implementation of a malware countermeasure is met; and a defender circuit for applying a malware countermeasure to the network device if the criterion for implementation of a malware countermeasure is met, the applying the malware countermeasure including at least substantially reducing a communication privilege allowed a node of the at least one sub-network of the plurality of sub-networks, wherein the node is operable to communicate after said implementing the malware countermeasure in the computing device, the implementing the malware countermeasure further including at least substantially reducing a functionality of the computing device, the reduced functionality including a restriction against performing a destructive writing operation, a blocking an application from running, and a forcing a user and/or an application to execute in a tighter security environment.

28. The network device of claim 27, wherein the decision circuit for determining if a criterion for implementation of a malware countermeasure is met further includes: a decision circuit for determining if a criterion for implementation of a malware countermeasure is met and for selecting a malware countermeasure for application to the network device from among at least two malware countermeasures.

29. The network device of claim 28, wherein the defender circuit for applying a malware countermeasure to the network device if the criterion for implementation of a malware countermeasure is met further includes: a defender circuit for applying the selected malware countermeasure to the network device.

30. The network device of claim 27, wherein the defender circuit for applying a malware countermeasure to the network device if the criterion for implementation of a malware countermeasure is met further includes: a defender circuit for applying a malware countermeasure to the network device and for generating the malware countermeasure.

31. The network device of claim 27, wherein the defender circuit for applying a malware countermeasure to the network device if the criterion for implementation of a malware countermeasure is met further includes: a defender circuit for applying a malware countermeasure to the network device, the application of the malware countermeasure includes at least one of: closing at least one port of the network device; at least substantially isolating the network device from a network; at least substantially isolating at least one sub-network of the plurality subnetworks from the network device; at least substantially isolating at least one node of a sub-network of the plurality sub-networks from the network device; and/at least substantially isolating a first sub-network of the plurality sub-networks from a second sub-network of the plurality sub-networks.

32. The network device of claim 27, wherein the defender circuit for applying a malware countermeasure to the network device if the criterion for implementation of a malware countermeasure is met further includes: a defender circuit for applying a malware countermeasure to the network device, the application of the malware countermeasure includes at least one of: at least substantially isolating at least two sub-networks of the plurality sub-networks from another network; at least substantially isolating the network device from at least one network address of a sub-network of the plurality sub-networks; at least substantially reducing a functionally of the network device; and/or sending a notice receivable by a device associatable with a person associated of the network device.

33. The network device of claim 27, further comprising: a transmission circuit for receiving a packet from a network and facilitate transmission of the packet to at least one sub-network of a plurality of sub-networks.

34. A method comprising: configuring an information store of a network device with a countermeasure useable in at least substantially reducing a harm caused by a malware (hereafter a “malware countermeasure”); generating a topological map to identify each respective node of a plurality of network nodes including at least one sub-network of a plurality of sub-networks; determining if a criterion for implementation of a malware countermeasure is met; and applying a malware countermeasure to the network device if the criterion for implementation of a malware countermeasure is met, the applying the malware countermeasure including at least substantially reducing a communication privilege allowed a node of the plurality of network nodes including the at least one sub-network of the plurality of sub-networks, wherein the node is operable to communicate after said implementing the malware countermeasure in the network device, the implementing the malware countermeasure further including at least substantially reducing a functionality of the network device, the reduced functionality including a restriction against performing a destructive writing operation, a blocking an application from running, and a forcing a user and/or an application to execute in a tighter security environment.

35. The method of claim 34, wherein the determining if a criterion for implementation of a malware countermeasure is met further includes: determining if a criterion for implementation of a malware countermeasure is met and selecting a malware countermeasure for application to the network device from among at least two malware countermeasures.

36. A network device comprising: means for configuring an information store with a countermeasure useable in at least substantially reducing a harm caused by a malware (hereafter a “malware countermeasure”); means for generating a topological map to identify each respective node of a plurality of network nodes including the at least one sub-network of the plurality of subnetworks; means for determining if a criterion for implementation of a malware countermeasure is met; and means for applying a malware countermeasure to the network device if the criterion for implementation of a malware countermeasure is met, the applying the malware countermeasure including at least substantially reducing a communication privilege allowed a node of the plurality of network nodes including the at least one sub-network of the plurality of sub-networks, wherein the node is operable to communicate after said implementing the malware countermeasure in the network device, the implementing the malware countermeasure further including at least substantially reducing a functionality of the network device, the reduced functionality including a restriction against performing a destructive writing operation, a blocking an application from running, and a forcing a user and/or an application to execute in a tighter security environment.

37. The network device of claim 36, wherein the means for determining if a criterion for implementation of a malware countermeasure is met further includes: a means for selecting a malware countermeasure for application to the network device from among at least two malware countermeasures.

38. A network device comprising: an information store operable to save a countermeasure useable in at least substantially reducing a harm caused by a malware (hereinafter the “malware countermeasure”); a network analyzer operable to generate a topological map to identify each respective node of a plurality of network nodes including the at least one sub-network of the plurality of sub-networks; a transmission circuit for sending a packet to at least one sub-network of a plurality of sub-networks; and a protection circuit for implementing the malware countermeasure in the network device, the implementing the malware countermeasure including at least substantially reducing a functionality of the network device, wherein the network device is operable to communicate after said implementing the malware countermeasure in the network device, the implementing the malware countermeasure further including at least substantially reducing a functionality of the network device, the reduced functionality including a restriction against performing a destructive writing operation, and, a blocking an application from running, and a forcing a user and/or an application to execute in a tighter security environment.

39. The network device of claim 38, further comprising: a decision circuit for determining if a criterion is met for implementation of the malware countermeasure.

40. The network device of claim 39, wherein the decision circuit for determining if a criterion is met for implementation of the malware countermeasure further includes: a decision circuit for determining if an authorization to implement the countermeasure has been received.

41. The network device of claim 39, wherein the decision circuit for determining if the criterion is met for implementation of the malware countermeasure further includes: a decision circuit for determining if a presence of the malware is indicated.

42. The network device of claim 39, wherein the decision circuit for determining if the criterion is met for implementation of the malware countermeasure further includes: a decision circuit for determining if an indicium of the malware is present in at least one of the network device, and/or in a node of the at least on sub-network of a plurality of sub-networks.

Patent Metadata

Filing Date: June 30, 2006

Publication Date: February 14, 2012
